Remittance_advice For Uthscsa.com
Published On: September 12, 2022
Shared by gerwitz
This email is vague and has very little information. But the subject line of Remittance advice and the vague information is designed to entice the recipient into opening the attachment. The company Bagpoly is a company run out of India but it is possible the malicious actor is spoofing the company email address to add […]
Read more
Thank you for your payment
Published On: August 19, 2022
Shared by gerwitz
This has a PayPal logo and appears to be from the PayPal billing department thanking the recipient for their recent purchase. This tactic is used to entice the recipient to call the phone number to ensure the money isn’t taken out of their account. See the graphic below for the red flags in the email.
Read more
ITS or Official Technology
Published On: August 9, 2022
Shared by gerwitz
This message is not from Microsoft.com and clicking on the link could download malicious code to your computer of device. Always hover over links to see where the link is pointing.
Read more
Notification for uthscsa
Published On: July 28, 2022
Shared by gerwitz
This one keeps coming up and it is so dangerous, it needs to be put at the top of the list. This is an attempt to steal credentials from the recipient. They use “password expiring soon” to provoke a sense of urgency, hoping the sense of urgency will inspire the recipient to act without thinking […]
Read more
Assistant position or Employment Services
Published On: July 28, 2022
Shared by gerwitz
These emails have two malicious intents. In some cases, the PDF has malicious code designed to download a virus to the recipient’s computer or device. The virus then sends the same email to everyone in the Global Address List (GAL), so others will think the email came from someone inside the university, adding legitimacy. It […]
Read more
Request?
Published On: July 26, 2022
Shared by gerwitz
This email looks like it came from a member of our organization, but a scammer is using the name in an attempt to trick people into replying back. It seems harmless enough, but just replying back can tell the scammer they have the email address of someone who can be scammed. If I were to […]
Read more
Total Due
Published On: July 26, 2022
Shared by gerwitz
This email is not legitimate. There are 4 red flags. If you receive an email similar to this, delete it. The From field shows Xerox but the email address after it is not a xerox.com account. The email is coming from a domain that gives away accounts like gmail.com or yahoo.com, not a company’s domain […]
Read more
Document shared with you: “ADMIN EVALUATION FILE”
Published On: July 26, 2022
Shared by gerwitz
This is an example of Spear Phishing. The scammers know Dr. Henrich is the president of the university and having his name in the message might persuade people to click the Open button without really thinking it through. The email address it came from has nothing to do with our university and was probably a […]
Read more
Office365Alerts: Mail delivery failure
Published On: July 14, 2022
Shared by gerwitz
This email is designed to trick a person into clicking the View Messages link. It initially looks like it came from Microsoft but the email above the banner, “*EXTERNAL EMAIL*” shows the actual email address is from a domain named shapeways.com. Hovering over the “View messages” button shows it will not take the clicker to […]
Read more
Employee Appraisal
Published On: July 14, 2022
Shared by gerwitz
This email is fraudulent. Hovering over the link shows the site is coleigiolittlecollege.cl. This is either going to be a phish or will download a virus to the computer. If you receive an email similar to this, delete it. Employee performance review email notifications for UT Health SA will come from UT Health Human Resources. […]
Read more